Introduction
Cyber forensics is the investigation of cases wherein there is digital or electronic evidence involving a crime or suspicious behavior by any person. It may either be a cybercrime in itself or digital platforms may be used to prepare for the commission of physical crime. It essentially relates to the various investigation and analysis techniques that are to identify, seize, authenticate, analyze, document, or preserve the digital evidence. This evidence gather from a computing device should be presentable in the court of law.
Every country has its own cyber laws on the basis of which investigators follow a determined procedure to ensure that there is no contamination or loss of evidence and it is produced safely before the court of law. These laws are not limited to the country’s internal matters and are also enforced by the Interpol to uncover cybercrime operations.[1] There are various scientific techniques and proprietary applications that are utilized to acquire and preserve evidence in its pristine condition. For instance, forensic imaging is one such element wherein the bit-by-bit copy of a depository of a device can be obtained, including all the files that were deleted or left in the slack and free space.
Indian Laws
Cyber Forensic law in India is predominantly governed by the Information Technology Act, 2000. A legal recognition was provided to electronic signatures, recorded electronic data, interchange, and other means of communication through this Act. Due to this, the electronic filing of documents with various government agencies was facilitated thereby amending other legislations like the Indian Evidence Act, 1872, Indian Penal Code, Reserve Bank of India Act, 1934, Bankers’ Book Evidence Act, 1891, et al. Section 79A of the IT Act defines electronic evidence as “any information of probative value that is either stored or transmitted in electronic form and includes computer evidence, digital audio, digital video, cell phones, digital fax machines”.
Section 65(B) of the Indian Evidence Act deals with the admissibility of electronic evidence in the Court. It requires the electronic records to be certified by a person holding a responsible position. However, the Supreme Court has clarified that the requirement of a certificate is not necessary. Justice cannot be denied to a party who possesses the authentic evidence/witness but is not in a position to produce the certificate during the proceedings.[2]
As per Section 28, the investigations regarding contravention of any rules in the Act shall be take up by the Controller of Certifying Authorities or any officer authorize by him. Such investigating officers shall have access to data stored in any computer system or other apparatus if they have a reasonable suspicion that the provisions of the Act are being violated.[3] The officer can direct any person connected with the operation to provide technical assistance.[4]
The Central and State government officers also possess discretionary powers to intercept, monitor or decrypt any information in the national interests of sovereignty, integrity, security, public order, maintenance of friendly relations with other nations and prevention of incitement to cognizable offenses.[5] The Central government authorizes Examiner of Electronic Evidence to provide expert opinion on the electronic form of evidence before any court or authority.[6] An Indian Computer Emergency Response Team can also be appoint by the Central government in order to expediently respond to cybersecurity incidents.[7]
U.S. Laws
The law enforcement mechanism relies considerably on digital evidence to obtain important information about the victims as well as suspects. Some of the codified laws in this relation are the Wiretap Act[8], Pen Registers and Trap and Trace Devices Statute[9], Stored Wired, Electronic Communication Privacy Act[10] , and the Privacy Protection Act[11] (PPA). Under the Wiretap Act, the Court can issue an order allowing law enforcement agencies to intercept electronic communication only on the basis of a strong justification.
The Pen Registers and Trap and Trace Devices Statute covers all the metadata like email addresses, phone numbers dialed, or calls received. Generally, the government officers need to seek an order of the Court before intercepting such metadata. Likewise, under the ECPA, appropriate legal authorization is require to obtain subscriber data store by Internet Service Providers. Any intruding act violating these laws could constitute a federal felony punishable with a fine and/or imprisonment.
The operation of laws in the arena of cybersecurity is such that the U.S. Constitution and U.S. Statutory Laws predominantly govern the issues related to the collection of data and authority to monitor data. Along these lines, the Federal Rules of Evidence primarily deal with the admissibility of evidence.[12] The US Computer Agency Readiness Team advocates a defense-in-depth approach for cyber and network security. With regard to the seizure of data, the Fourth Amendment to the U.S. Constitution provides security to the general public from unreasonable search and seizure by the government officials.
On the other hand, the Communications Assistance for Law Enforcement Act was promulgate in order to facilitate the law enforcement agencies to conduct surveillance of telephone networks. Earlier, the Frye test[13] regarding the admissibility of evidence was applied by the Court. It implied that scientific evidence shall be admit if the science on which it relies is largely accept by the scientific community. However, this test was later replaced by the Daubert Test[14] which suggests that the Courts have a gatekeeping obligation to assess the reliability of scientific evidence produced. The National Institute of Standards and Technology provides for the parameters for asserting whether the evidence is scientifically valid.
Conclusion
Both the legislations, the U.S. Code and the Information Technology Act seek to prosecute offenses that use computers or other devices as instruments for the perpetuation of the crime. The USC provides for the investigation and prosecution of cybercrime in the same manner as physical crimes. It simply adds Section 1030 to recognize the use of digital mediums.
On the other hand, the Information Technology Act implements a different approach as it particularly states. That it aims to regulate conduct within e-commerce. Summarily, in the U.S. the combining effect of various laws is observed to achieve a successful criminal prosecution. Whereas, in India there exists a uniform law passed specifically to deal with cyber-criminal offenses. While looking at the overall trends it can be derived; that the access of confidential information is a criminal activity in the U.S. On the other hand, the dissemination of the acquired information is the focal point of emerging criminal law in India[15].
Digital evidence is easier to avail and more convenient to process, analyze and store in this age of digitization. However, the law enforcement needs to constantly react and adapt the ever-advancing technologies to design laws compatible with the same. The Courts have also been coming to grips with the unique developments that are emerging in cyber forensics. There are numerous operations performed by the law enforcement agencies across the world for reducing the global impact of cybercrime.
References:
[1] Tan, A. (2020, January 27). Interpol uncovers cyber crime operation in Indonesia. Retrieved May 14, 2020, from https://www.computerweekly.com/news/252477423/Interpol-uncovers-cyber-crime-operation-in-Indonesia
[2] Shafhi Mohammad v. The State of Himachal Pradesh, Special Leave to Petition (Criminal) No. 002302-002302
[3] Section 29(1), Information Technology Act, 2000
[4] Section 29(2), Information Technology Act, 2000
[5] See, Section 69, Information Technology Act, 2000
[6] Section 79(A)
[7] Section 70(B), Information Technology Act, 2000
[8] Wiretap Act (18 U.S.C. §2510 et seq.)
[9] Pen Registers and Trap and Trace Devices Statute , (18 U.S.C. §3121 et seq.)
[10] Electronic Communication Privacy Act (18 U.S.C. §2701 et seq.)
[11] Privacy Protection Act (PPA) (42 U.S.C. §2000aa et seq.)
[12] US-CERT. (2008). Computer Forensics. Retrieved from https://www.uscert.gov/sites/default/files/publications/forensics.pdf
[13] Frye v. United States, 293 F. 1013 (D.C. Cir. 1923)
[14] Daubert v. Merrell Dow Pharmaceuticals, Inc., 509 U.S. 579 (1993)
[15] Santanam, R., Sethumadhavan, M., & Virendra, M. (2010). Cyber Security, Cyber Crime and Cyber Forensics: Applications and Perspectives (1st ed., Vol. 1). Hershey, New York: IGI Global. https://doi.org/10.4018/978-1-60960-123-2
0 Comments